Screencasts - Hilfsvideos

Keyboard do not respond in Bootguard if I use PGP Keys on an eToken

Created: 16 Okt. 2012 • Aktualisiert: 16 Okt. 2012 | 8 Kommentare

Hi,

Issue: Keyboard do not respond in Bootguard if I use PGP Keys on an eToken with PGP-WDE 10.x till 10.2.1 MP3

Environment:  
- OLD ASUS M4A77TD PRO, AMD Phenom II X4 965, Win7/XP
- New ASUS Sabertooth 990FX R2.0, AMD Phenom II X4 965 Win7/XP
 

My investigation to this subject:

1) If I use none smartcard keys in PGP-WDE, Bootguard works fine at all - So I expect the Bootguard can handle my Keyboard, my USB chipset on the motherboard and the SATA harddisks

2) If I add a smartcard based key to an already encrypted drive which works fine with Bootguard, the system hangs after the next reboot on the Bootguard screen. Hangs means, the keyboard is not responding to enter a PIN/password. It hangs independend if the eToken is inserted or not.

3) If I put this harddisk to an older Intel based DELL PC and boot from this disk all works fine - including Smartcard support in Bootguard. So I expect Bootguard or the Harddisk is not corrupted

4) I have tested with different keyboards, with only one USB device (keyboard) connected and with several settings in the BIOS. Of course I have tested all available ports.- nothing helps
 
5) I have excluded USB Host controller with --add-pci-exclusion to prevent conflicts with probing USB Host controllers - this also not help

6) I have replaced the motherboard to make sure that not a faulty board or a problematic chipset is the root cause - this also not help

What I see is that PGP-WDE has problems with their eToken drivers and AMD mainboards/chipsets? Is this true? I do not found a hint to this at any Symantec/PGP support page.

What motherboards are supported?
 

Frank

Kommentare KommentareZum neuesten Kommentar

das Bild der Tom Mcs

This Knowledge Base Article may be helpful.  As well as this KBA,

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

das Bild der fn-wde-0815s

Thanks, but the eTokens Pro 64k that I use work well with PGP-WDE on other (Intel) systems (see point 3). And if I understand PGP-WDE Bootguard right it do not use eToken Windows drivers. Windows drivers are active after the OS (XP/Win7) is up. Looks the BootGuard eToken Driver (Linux?) will be first activated when a smartcard key is used for the WDE.

And if there would be a problem with an unsupported eToken Booguard would allow keyboard interactions in case no token was inserted.

das Bild der fn-wde-0815s

https://www-secure.symantec.com/connect/de/forums/...

As I see I'm not the only one with this issue. Looks the CPU is the root cause of the issue and Symantec is not willing to work on this bug.

Is there anyone here with a working AM3, AM3+ motherboard which works with smartcard based preboot authentication in PGP Bootguard?

das Bild der zeus29s

This issue was never solved for me either.   I dealt with Symantec itself for hours and they weren't able to get it to work. I think it sometype of issue because of AMD, hope someday it gets fixed.  Thanks for letting me know that you were having the same problem Frank :(.

das Bild der PGP_Bens

I am sorry about the very late response to this thread. Is this an issue that yo uare still facing today with PGP Desktop? There is no compatbility issues with the AM3 chipset, to my knowledge, so I would like to try and rule that out (if possible) first and see if you have any other USB devices attached to the sytsem which could be conflicting?

The most common issue that we have seen related to this is in having an Logitech USB webcam attached ot the system at startup.

I have an test machine with an AM3 chipset. I will see if I can get some testing done on it.

If/when you consider your issue resolved, please click Mark As Solution on the most helpful response.

das Bild der PGP_Bens

I stand corrected :)

I tested out an RSA SecureID800 Token on my AM3 Motherboard with AMD Athlon X2 440 Quad Core CPU and after adding the USB token users key to WDE and rebooting it hangs up at the bootguard screen now. The only thing you can do is hard shut it down since it won't respond to any keyboard requests or anything.

I will be filing a bug on this issue tomorrow since I'm able to reproduce it.

If/when you consider your issue resolved, please click Mark As Solution on the most helpful response.

das Bild der zeus29s

Ben,

Thank you for looking into this sir, it is good you have the same issue. Isn't that a typical American?   If I am suffering it is okay as long as my neighbor is as well, nice huh?  lol

Happy Holidays and I look forward to seeing a resolution.

das Bild der PGP_Bens

The bug has been filed. I did find that a ps2 keyboard works fine as a workaround. But the problem is, more and more motherboards/computer manufacturers are no longer included ps2 keyboard inputs today. But maybe that will help someone in the meantime.

If/when you consider your issue resolved, please click Mark As Solution on the most helpful response.